Repurposing digitally signed information

ABSTRACT

Methods and apparatus, including computer program products, implement techniques for repurposing digital information. One or more repurposing constraints are associated with information in an electronic document. A digital signature is associated with the repurposable information and the repurposing constraints. The repurposable information can be repurposed and represented as signed information subject to the repurposing constraints.

BACKGROUND

The present invention relates to digital rights management and signingelectronic documents.

A digital signature, like a conventional handwritten signature,identifies a person or entity signing a document. Digital signaturesallow a person to attest to something about a document by signing theirname to it. Thus, for example, digital signatures can be used toauthenticate and safeguard information by allowing authors and others to“sign” electronic documents with a unique electronic signature thatidentifies the person who applied it as having read, reviewed, orcontributed to the document's creation. A digital signature can alsoverify that a document has not been altered since it was sent.

Key-based signatures encode an electronic document with an encryptedunique signature that positively identifies the person who applied thesignature, when it was signed, and other user-determined information.Key-based systems can also control access to a document, allowing onlycertain persons holding certain keys to read or modify the document. Insome applications, a digital signature in a document is bound to thatdocument in such a way that repurposing the signed document—for example,altering the signed document or moving the signature to a differentdocument—invalidates the signature.

SUMMARY OF THE INVENTION

The present invention provides methods and apparatus, including computerprogram products, for digitally signing information in an electronicdocument for reuse.

In general, in one aspect, the invention features methods and apparatus,including computer program products, implementing techniques forrepurposing information in electronic documents. The techniques includeidentifying repurposable information in an electronic document, definingone or more repurposing constraints for the repurposable information,and associating a digital signature with the repurposable informationand the repurposing constraints.

Particular implementations can include one or more of the followingfeatures. Identifying repurposable information in an electronic documentcan include designating a subset of information as being repurposablewhere the designated subset includes less than all of the information inthe electronic document.

Defining one or more repurposing constraints can include designating adestination for the repurposable information. The techniques can alsoinclude receiving the repurposable information in a destination,validating that the receiving destination corresponds to the designateddestination, and using the repurposable information as signedinformation in the receiving destination.

The digital signature can be encrypted and the designated destinationcan be provided with a decryption key to decrypt the digital signature.The digital signature can be decrypted with the decryption key prior tovalidation of the receiving destination.

The destination can represent one or more operations capable of beingperformed on the repurposable information or a document in which therepurposable information can be used. The one or more operations caninclude displaying the repurposable information. Displaying therepurposable information can include displaying the repurposableinformation in an arrangement different from an original arrangement inwhich the repurposable information is displayed. The destination canrepresent a user authorized to repurpose the repurposable information.

A template defining the destination can be created. Identifyingrepurposable information can include identifying repurposableinformation in response to user input. A template including one or moresubsets of information can be created in the electronic document suchthat identifying repurposable information can include designating atleast one of the one or more subsets of information as repurposable. Asignature can be assigned to at least one of the one or more subsets ofinformation.

In general, in another aspect, the invention features methods andapparatus, including computer program products, implementing techniquesfor repurposing a signed electronic document, where the electronicdocument includes repurposable information. The techniques includereceiving an electronic document including repurposable information,repurposing constraints, and a digital signature, where the repurposingconstraints define one or more authorized uses for the repurposableinformation, validating destination information in the repurposingconstraints, and using the repurposable information as signedinformation.

Particular implementations can include one or more of the followingfeatures. The repurposed data can be represented as signed. The digitalsignature can be encrypted, and the technique can further includereceiving a decryption key, and decrypting the digital signature usingthe decryption key.

In general, in another aspect, the invention features methods andapparatus, including computer program products, implementing techniquesfor assigning a signature to an electronic document. The techniquesinclude displaying a representation of information in an electronicdocument, receiving user input designating information in the electronicdocument for repurposing, associating one or more repurposingconstraints with the designated information, and generating a digitalsignature for the designated information and the specified repurposingconstraints. The repurposing constraints define one or more authorizeduses for the designated information.

In general, in another aspect, the invention features methods andapparatus, including computer program products, implementing datastructures associated with an electronic document. The data structuresinclude a subset of information of the electronic document, one or moreconstraints on repurposing assigned to the subset of information, and asignature assigned to the subset of information. The constraints defineone or more authorized uses for the subset of information.

Particular implementations can include one or more of the followingfeatures. The repurposing constraints can include at least oneidentifier. The at least one identifier can include a hash of adestination assigned to at least one subset of data.

The invention can be implemented to realize one or more of the followingadvantages. Designating information in a signed electronic document forcertain destinations allows information in the signed document to berepurposed as signed information for other authorized uses, whilelimiting repurposing to those authorized uses. Designating authorizeduses can allow workflows to be signed end-to-end, and to be digitallyverifiable. This allows workflows that include “subsequent” documents ordatabases.

The details of one or more implementations of the invention are setforth in the accompanying drawings and the description below. Otherfeatures and advantages of the invention will become apparent from thedescription, the drawings, and the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an illustration of an electronic document includingrepurposable information that can be signed.

FIG. 2 is a flow diagram illustrating an implementation of a method forgenerating signed repurposable information in an electronic document.

FIG. 3 is a flow diagram illustrating an implementation of a method forusing user input for generating signed repurposable information.

FIG. 4 is a flow diagram illustrating an implementation of a method forusing a document having signed repurposable information.

FIGS. 5A and 5B are illustrations of a check including repurposableinformation that can be signed.

FIG. 6 is a flow diagram illustrating an implementation of a method forsigning a subset of data for repurposing.

Like reference numbers and designations in the various drawings indicatelike elements.

DETAILED DESCRIPTION

As shown in FIG. 1, a electronic document 100 includes information, suchas text, form fields, graphics, and images. In the example shown in FIG.1, electronic document 100 is an electronic form that includes fields110 that can be configured for interaction with (such as data entry by)a user. At least some information of an electronic document 100 cannotbe entered or changed by a user, such as the text or graphics thatdescribes what information a user is expected to insert in a field of aform. In this specification, the unchangeable information of anelectronic document will be referred to as a template of the electronicdocument. For example, in a form including a field for a user's name,text reciting “NAME” next to form field for receiving the user's name ispart of the form's template. An electronic document does not necessarilycorrespond to a file. A document may be stored in a portion of a filethat holds other documents, in a single file dedicated to the documentin question, or in multiple coordinated files.

An author of electronic document 100 can designate some or all of theinformation of the electronic document as being subject to repurposingby a user. In this specification, “repurposing” refers to the use ofinformation of an electronic document in a context other than that ofthe original electronic document, such as in a different electronicdocument, in a different workflow or computer program application,including a table in a database, or by a different user. An author of anelectronic document is a person or entity that defines information inthe electronic document, including template and interactive fields,whether by generating text, graphics, images or other information of thedocument, by arranging or publishing that information (e.g., by defininga presentation format for the information), or by defining one or moreterms of or constraints on uses that can be made of the information.Thus, for example, the author of a form can be a person who definesfields for entering data into the form.

FIG. 2 is a flow diagram illustrating an implementation of a method fordefining repurposable information in an electronic document. Informationis defined for an electronic document (step 210). The information can bedefined by an author of the electronic document. The information in theelectronic document can include a template and one or more fields forreceiving user input, as defined by an author.

Repurposable information is identified in an electronic document (step220). An author of the electronic document can identify and designateinformation in the electronic document as repurposable information.Repurposable information can include any information in or to bereceived into the electronic document. For example, repurposableinformation can include style information, such as a logo, a seal ortemplate for a letterhead, as well as text information entered by anauthor or a user. To designate particular information of electronicdocument 100 as being subject to repurposing, the author identifies theinformation in question as a subset 120 of the information of the parentelectronic document 100. In the example of FIG. 1, the author hasidentified a subset 120 that includes three of the form fields 110 ofelectronic document 100. The author can identify any number of subsetsin the parent electronic document. The identified subsets can be nestedwithin one another, or can overlap. For example, a subset A can includethe first twenty fields of a form having thirty fields while a subset Bcan include the last twenty fields of the form. The author makes theinformation associated with a particular subset available forrepurposing by designating the subset as being repurposable—for example,by setting a Boolean “Repurposable” attribute associated with thesubset.

One or more repurposing constraints are defined for the identifiedrepurposable information (step 230). Repurposing constraints can bedefined by an author of the electronic document by specifying terms ofor constraints on use that can be made of the repurposable information.Different repurposing constraints can be defined for differentrepurposable information. The author can define repurposing constraintsby designating a destination or destinations for the repurposableinformation. A destination is a particular user, electronic document,process (such as a computer application), or workflow that can make useof designated information (e.g., designated subsets of information) froma parent electronic document. A destination can represent one or moreoperations capable of being performed on designated information, or adocument in which the designated information can be used. The operationscan include a variety of operations, such as processing the designatedinformation (e.g., using values from the designated information incalculations or authorizations), or merely displaying the designatedinformation—such as, in a different form. Authorized uses of thedesignated information can also include displaying the designatedinformation in an arrangement different from an original arrangement ofthe designated information. According to this specification, the term“arrangement” can encompass style, layout, format or medium.

Thus, a destination or destinations can be designated for a particularsubset 120 of information by an author of the parent electronic document100. An author of a parent electronic document can designate one or moredestinations for a particular subset of information by associating adestination identifier or identifiers identifying the destination ordestinations with the particular subset as an attribute of the subset.An author can select designations to indicate whether particularinformation is available to a destination. For example, the author candesignate information as (1) not available to a specified destination,(2) available to the specified destination if included with otherauthorized data (i.e., a signature), or (3) available to the destinationbut not usable as signed information. Fields designated according to thelast of these can be made available to the specified destination, butthe destination would not be able to use the data in the field as signeddata.

When a destination is designated for information in an electronicdocument, a destination identifier for the destination is associatedwith the information and/or the electronic document, such that thedefinition of the document changes to include the destination. In someimplementations, destinations can be transitive, such that designationof a particular destination implicitly designates any other destinationsassociated with that destination. Thus, for example, if doc2 is adestination of doc1, a designation of doc1 as a destination for aparticular subset of information can automatically carry through to doc2as well, such that the information can be used as signed in both doc1and doc2. In particular implementations, such transitive relationshipsshould be defined from “final” to first. For example, if three documentsare related so that doc2 is a destination of doc1 and doc3 is adestination of doc2, if a designation of doc1 is to be transitive todoc3, the definition of doc2 must include that doc3 is a destination ofdoc2 before doc1 designates doc2 as a destination. The “definition” ofdoc2, which includes the repurposing constraint designating destinationdoc2, is changed when doc3 is designated a destination of doc2—i.e.,doc2 is “redefined”, becoming doc2′. In this case, if doc2 is designatedas a destination of doc1 before doc3 is designated as a destination ofdoc2 (i.e., before the definition of doc2′), doc1 does not recognizedoc2′ as a destination, and doc3 is not a valid destination of doc1.However, if doc1 designates doc2′ as a destination instead of doc2, thendoc3 is a valid subsequent destination.

A destination can be a “virtual” destination or destination proxy. Adestination proxy is essentially a placeholder that can be designated asa destination for repurposable information. One or more destinations canbe associated with the destination proxy, such that any information forwhich the destination proxy is designated can be repurposed in anydestination associated with the destination proxy. By using adestination proxy, it is possible to provide for changingdestinations—i.e., the destinations associated with the destinationproxy can be changed after the destination proxy is designated for aparticular item of information, and the information can be repurposed inthe changed destinations without requiring a new designation. Asignature or other authorization attached to the information by thedestination proxy can validate the destination(s) designated by thedestination proxy.

A destination or destinations can also be designated for particularinformation by a user of the parent electronic document 100. As used inthis specification, a user of a document is a person or entity that usesor manipulates information of the electronic document. For example, auser can input data into form fields 110 of an electronic document 100.A user can be (but need not necessarily be) an author of the electronicdocument (i.e., a user can generate, arrange, publish, or definerepurposing constraints on information of the document).

A digital signature is associated with the repurposable information andcorresponding repurposing constraints (step 240). For example, one ormore destination identifiers for the corresponding repurposingconstraints can be encoded in the signed parent document. The digitalsignature can be applied by a user to selected information—e.g., thefields 110 in the subset 120—and the associated repurposing constraints.Alternatively, the user can apply a single digital signature to theentire document, and the digital signature can be automatically appliedto each repurposable subset of information and to the associatedrepurposing constraints. The signature can be applied in different ways,depending on the implementation. In one implementation, when a usersigns a parent electronic document, the user's signature is appended toeach repurposable subset and stored in a file that is appended to theparent electronic document. Alternatively, when a user signs a parentelectronic document, the user's signature is appended to eachrepurposable subset, and the subset signatures are integrated into theparent electronic document so that the subset signatures become part ofthe parent electronic document.

Each field 110 in the subset 120 is made available to a specifieddestination. Data can flow from fields 110 in document 100 to fields inthe destination based on authorization. The author can specify one ormore destinations for each subset 120. The author can ensure that eachspecified destination can only use the fields 110 in each subset 120 forauthorized purposes. For example, the fields 110 in the subset can bemade available to the specified destination only in the context of asignature. One technique for specifying destinations can include takinga hash of each destination and then making the hash of each destinationavailable to a subset for which the destination is approved. The hash ofthe destination can be taken over a document template or object code foran application that the destination represents. A hash of thedestination document template or application can be used to signify thatthe data in the subset 120 is signed only in the context of a documentor application satisfying the hash. A hash can be taken by generating anumber from a string of text using a formula that creates a highprobability that the hash value for a particular string of text will beunique. Thus, if the destination is a document, a hash of the documenttemplate is taken and embedded with the document 100 template created bythe author. If the destination is a process, such as a computer program,a hash is taken over the computer program code and embedded with thedocument 100 template. To specify a particular user as a destination,user credentials can be made available to a subset for which thedestination (user) is approved. For example, a user credential caninclude a public certificate in a public/private key pair. The usercredential is associated with (e.g., appended to) the subset, and thecombination of subset and credential is digitally signed. Thereafter, auser signing with the proper credential (e.g., public certificate) willbe able to repurpose the repurposable subset(s) to which the usercredentials have been made available.

The author can also assign designations to a field to be viewable by aspecified destination if the field is not in a subset that isrepurposable by the specified destination.

FIG. 3 is a flow diagram illustrating an implementation of a method forusing repurposable information. An electronic document is received in auser system (step 310). The electronic document can be received througha network or from a storage medium, such as a disk or a CD-ROM.

Information for repurposing is selected from the electronic document(step 320). The information for repurposing can be selected based onpredetermined selection information or based on user selection. The userprovides information to the electronic document by entering data or byselecting information to be entered into fields of one or more subsetsthat have been designated for repurposing by the author of the documentfor repurposing, as described above. The user input can include inputtext or user selection of predefined values. For example, an electronicdocument including a plurality of fields can be displayed to a user, andthe user can type data directly into the displayed fields.

The display of the electronic document can include representations offields that are part of one or more repurposable subsets of information.The user may or may not be made aware of the repurposable subsets ofinformation or the destinations that are able to repurpose theinformation in the subsets of information. If the user is unaware of therepurposable subsets, the information for repurposing can be selected bythe system on which the electronic document is displayed based onfactors such as what type of data the user input, which fields have userinput data, information that is defined by the author as to always berepurposed and/or other factors defined by the author of the electronicdocument. If the user is made aware which information is repurposable,the user can select one or more repurposable subsets to be repurposedwith the user's signature.

Destinations for the selected information can be designated (step 330).The destinations can be designated based factors such as the type ofdata input by the user, which fields have user input data, destinationsthat the author has defined as always designated for one or moresubsets, and/or other author defined factors. In one implementation, theuser can select the destinations for the selected information. Forexample, the user can be presented with specified destinations availablefor the electronic document and/or for each subset of repurposableinformation of the electronic document, and the user can select one ormore of those destinations.

A user of the parent document can similarly designate a destination ordestinations for a subset by associating a corresponding destinationidentifier or identifiers with the subset, which can include selecting adesired destination or destinations from a collection of destinationsdesignated by an author of the parent electronic document—for example,by selecting a desired destination from a list of author-designateddestinations presented to the user in a graphical user interface.

Designating destinations can include associating a destinationidentifier with one or more fields in the information. The destinationidentifier ties the signature input by the user to a specific output(document, user, process, etc., as discussed above), and can be embeddedin the electronic document 100. The destination identifier can includean identifier pointing to and describing the specified destination. Forexample, the destination identifier can include the hash or usercredentials of the destination. A document identifier can also beassigned to each specified subset of information when the document hasbeen completed by a user. A document identifier can be an identifierpointing back to the original complete document. The document identifiercan include a hash of the original document or a pointer to the originaldocument. Thus, the document identifier can point to the completeddocument and the destination identifier can point to the specifieddestination.

The user applies a digital signature to the selected information andcorresponding destination identifiers (step 340). A user can apply asingle digital signature to the document 100, such that the signatureattaches to fields 110 for each subset 120 (and to the correspondingdestination identifiers); alternatively, the user can apply a digitalsignature to each subset 120 and any corresponding destinationidentifiers individually.

The selected information is transmitted to specified destinations (step350), where it can be repurposed subject to the designated repurposingconstraints.

In one implementation, the data in the fields 110 can be encrypted. Adecryption key can be sent to each approved destination. The decryptionkey can be used to decrypt the encrypted data. Only destinations havingan appropriate decryption key can access the information of the fields.

FIG. 4 is a flow diagram illustrating an implementation of a method forusing signed repurposable information from an electronic document. Adestination receives an electronic document that includes informationthat has been designated as repurposable (step 410). Receiving theelectronic document can also include receiving repurposing constraintssuch as an identifier indicating which document or application can usethe designated subset(s) of information as signed information. Theidentifier can include a hash of the destination. The identifier can beencrypted. If the identifier is encrypted, the destination can receive adecryption key with which to decrypt the identifier, and use thesubset(s) of information as signed information.

The destination can then use the designated subset(s) of information assigned information (step 430). For example, where the destination is aform document containing one or more fields, the destination mapsinformation in the received electronic document (i.e., the designatedsubsets) to fields in the destination form by identifying fields thatmatch fields in the received electronic documents, and can then use therepurposable information in the matching fields. Matching fields can bedefined in mapping rules that can be included as part of the destinationidentifier in the received electronic document.

The destination can then use the designated subset(s) of information assigned information (step 430). For example, where the destination is aform document containing one or more fields, the destination mapinformation in the received electronic document (i.e., the designatedsubsets) to fields in the destination form by identifying fields thatmatch fields in the received electronic documents, and can then use therepurposable information in the matching fields. Matching fields can bedefined in mapping rules that can be included as part of the destinationidentifier in the received electronic document.

FIGS. 5A and 5B illustrate one implementation of a system according toone aspect of the invention providing a check form 500 including fields510. The check form 500 can be designed by an entity, such as acorporation, to allow repurposing of the form information for differentdestinations. The destinations can include, for example, a bank or acorporate accounting department. The check form 500 can include fields510 for “Date,” “Name,” “Amount” and “Memo.” Different entitiesreceiving the check form 500 may be interested in different fields 510of the check form 500. For example, a bank may require access only tothe fields “Date,” “Name,” and “Amount,” but not “Memo.” By contrast, acorporate accounting department might require access to the “Memo” fieldas well.

The entity can design the check form 500 with fields that are useful forall of the different destinations. Then, the entity can designatesubsets of information as repurposable, and assign each destination tothe appropriate repurposable subset. Thus, to provide a single form formaking data available to both the bank and accounting, the form's authorwould designate the fields of “Date,” “Name” and “Amount” as a subset520 to be available to the bank, and a different subset to be availableto accounting.

In operation, the system displays an empty check form 500 to a userthrough a graphical user interface. To make a payment, the user fills inthe fields 510 on the displayed check 500 and signs the check 500. Whenthe user signs the check 500, the system attaches repurposingauthorizations to fields in each subset 520. For example, a bank can beauthorized to use fields “Date,” “Name” and “Amount” for certainapplications, such as calculating balance information.

FIG. 6 is a flow diagram illustrating an implementation of a method forsigning an electronic document. A user can view a representation of anelectronic document (step 610). The representation can include one ormore fields for the user to input information. The fields can include asignature field for the user to sign the completed document.

The user inputs information in the fields of the representation of theelectronic document (step 620). Inputting information can includeentering information in the field or selecting a control specifying avalue to be input in the field. Inputting information can also includeselecting one or more destinations to which to send the electronicdocument and/or designating one or more subsets of information to bemade available to a specified destination. Selecting a destination caninclude selecting one or more destinations from one or more destinationspresented to the user in the representation of the electronic document.The destinations presented to the user can include destinations selectedby the author of the electronic document. Designating repurposableinformation can include selecting a subset from one or more predefinedsubsets of information or selecting fields to be included in a userdefined subset of information.

When the user has completed inputting information in the fields of therepresentation of the electronic document, the user can enter asignature in a signature field of the electronic document (step 630).The signature can be entered using methods available for entering asignature that are available through the display tool or applicationused to view the electronic document. For example, a signature can beentered by selecting the signature and entering a previously setpassword to verify the signature.

The user can then submit the form to transmit the electronic document tospecified destinations (step 640).

The invention can be implemented in digital electronic circuitry, or incomputer hardware, firmware, software, or in combinations of them. Theinvention can be implemented as a computer program product, i.e., acomputer program tangibly embodied in an information carrier, e.g., in amachine-readable storage device or in a propagated signal, for executionby, or to control the operation of, data processing apparatus, e.g., aprogrammable processor, a computer, or multiple computers. A computerprogram can be written in any form of programming language, includingcompiled or interpreted languages, and it can be deployed in any form,including as a stand-alone program or as a module, component,subroutine, or other unit suitable for use in a computing environment. Acomputer program can be deployed to be executed on one computer or onmultiple computers at one site or distributed across multiple sites andinterconnected by a communication network.

Method steps of the invention can be performed by one or moreprogrammable processors executing a computer program to performfunctions of the invention by operating on input data and generatingoutput. Method steps can also be performed by, and apparatus of theinvention can be implemented as, special purpose logic circuitry, e.g.,an FPGA (field programmable gate array) or an ASIC (application-specificintegrated circuit).

Processors suitable for the execution of a computer program include, byway of example, both general and special purpose microprocessors, andany one or more processors of any kind of digital computer. Generally, aprocessor will receive instructions and data from a read-only memory ora random access memory or both. The essential elements of a computer area processor for executing instructions and one or more memory devicesfor storing instructions and data. Generally, a computer will alsoinclude, or be operatively coupled to receive data from or transfer datato, or both, one or more mass storage devices for storing data, e.g.,magnetic, magneto-optical disks, or optical disks. Information carrierssuitable for embodying computer program instructions and data includeall forms of non-volatile memory, including by way of examplesemiconductor memory devices, e.g., EPROM, EEPROM, and flash memorydevices; magnetic disks such as internal hard disks and removable disks;magneto-optical disks; and CD-ROM and DVD-ROM disks. The processor andthe memory can be supplemented by, or incorporated in special purposelogic circuitry.

To provide for interaction with a user, the invention can be implementedon a computer having a display device such as a CRT (cathode ray tube)or LCD (liquid crystal display) monitor for displaying information tothe user and a keyboard and a pointing device such as a mouse or atrackball by which the user can provide input to the computer. Otherkinds of devices can be used to provide for interaction with a user aswell; for example, feedback provided to the user can be any form ofsensory feedback, such as visual feedback, auditory feedback, or tactilefeedback; and input from the user can be received in any form, includingacoustic, speech, or tactile input.

The invention can be implemented in a computing system that includes aback-end component, e.g., as a data server, or that includes amiddleware component, e.g., an application server, or that includes afront-end component, e.g., a client computer having a graphical userinterface or an Web browser through which a user can interact with animplementation of the invention, or any combination of such back-end,middleware, or front-end components. The components of the system can beinterconnected by any form or medium of digital data communication,e.g., a communication network. Examples of communication networksinclude a local area network (“LAN”), a wide area network (“WAN”), andthe Internet.

The computing system can include clients and servers. A client andserver are generally remote from each other and typically interactthrough a communication network. The relationship of client and serverarises by virtue of computer programs running on the respectivecomputers and having a client-server relationship to each other.

The invention has been described in terms of particular embodiments.Other embodiments are within the scope of the following claims. Forexample, the steps of the invention can be performed in a differentorder and still achieve desirable results (e.g., choosing destinationscan be performed either before or after filling out form data).

1. A computer-implemented method comprising: identifying repurposableinformation in an electronic document, the repurposable informationbeing less than all of the content in the electronic document; definingone or more repurposing constraints for the repurposable information,the repurposing constraints identifying an authorized destination forthe repurposable information; and signing the repurposable informationand the one or more repurposing constraints with a digital signature,the digital signature authenticating the repurposable information, thedigital signature verifying that the repurposable information has notbeen altered since it was signed, the digital signature being maintainedby the authorized destination when the repurposable information isrepurposed.
 2. The method of claim 1, wherein: identifying repurposableinformation in an electronic document includes designating a subset ofinformation as being repurposable, the designated subset including lessthan all of the information in the electronic document.
 3. The method ofclaim 1, further comprising: receiving the repurposable information in areceiving destination; validating that the receiving destinationcorresponds to the authorized destination; and using the repurposableinformation as signed information in the receiving destination.
 4. Themethod of claim 1, further comprising encrypting the digital signature;and providing the designated destination with a decryption key todecrypt the digital signature.
 5. The method of claim 4, furthercomprising: decrypting the digital signature with the decryption key. 6.The method of claim 1, wherein the destination represents one or moreoperations capable of being performed on the repurposable information ora document in which the repurposable information can be used.
 7. Themethod of claim 6, wherein the one or more operations include displayingthe repurposable information.
 8. The method of claim 6, whereindisplaying the repurposable information includes displaying therepurposable information in an arrangement different from an originalarrangement in which the repurposable information is displayed.
 9. Themethod of claim 1, wherein the destination represents a user authorizedto repurpose the repurposable information.
 10. The method of claim 1,further comprising creating a template defining the destination.
 11. Themethod of claim 1, wherein identifying repurposable information includesidentifying repurposable information in response to user input.
 12. Themethod of claim 1, further comprising: creating a template including oneor more subsets of information in the electronic document; whereinidentifying repurposable information includes designating at least oneof the one or more subsets of information as repurposable.
 13. Themethod of claim 12, further comprising assigning a signature to at leastone of the one or more subsets of information.
 14. The method of claim1, further comprising: identifying in the electronic document adestination proxy as the authorized destination for the repurposableinformation, the destination proxy designating a plurality ofdestinations, all of the destinations in the plurality of destinationsbeing authorized to repurpose the repurposable information by virtue ofbeing designated by the destination proxy.
 15. The method of claim 14,further comprising: changing the plurality of destinations authorized torepurpose the repurposable information by changing the plurality ofdestinations designated by the designation proxy.
 16. The method ofclaim 1, further comprising: identifying a workflow as the authorizeddestination for the repurposable information, the repurposableinformation being used in one or more subsequent electronic documents inthe workflow.
 17. The method of claim 16, further comprising: using thedigital signature of the repurposable information to verify theworkflow.
 18. A method for repurposing a signed electronic document, theelectronic document including repurposable information, the methodcomprising: receiving an electronic document including repurposableinformation, repurposing constraints, and a digital signature, therepurposing constraints defining one or more authorized uses for therepurposable information, the repurposable information being less thanall of the information in the electronic document, the digital signatureauthenticating the repurposable information, the digital signatureverifying that the repurposable information and the repurposingconstraints have not been altered after being signed with the digitalsignature, the digital signature being maintained by the authorizeddestination when the repurposable information is repurposed; validatingdestination information in the repurposing constraints, the destinationinformation identifying an output destination as an authorizeddestination; and using the repurposable information as signedinformation at the output destination.
 19. The method of claim 18,wherein the digital signature is encrypted, the method furthercomprising: receiving a decryption key; and decrypting the digitalsignature using the decryption key.
 20. A method for assigning asignature to an electronic document, the method comprising: displaying arepresentation of information in an electronic document; receiving userinput designating information in the electronic document forrepurposing, the designated information being less than all of theinformation in the electronic document; associating one or morerepurposing constraints with the designated information, the repurposingconstraints defining one or more authorized destinations for thedesignated information; and generating a digital signature for thedesignated information and the one or more repurposing constraints, thedigital signature authenticating the repurposable information and theone or more repurposing constraints, the digital signature verifyingthat the repurposable information and the one or more repurposingconstraints have not been altered after being signed with the digitalsignature, the digital signature being maintained by the authorizeddestination when the repurposable information is repurposed.
 21. A datastructure associated with an electronic document, the data structurebeing stored on a computer-readable medium, the data structurecomprising: a subset of information of the electronic document; one ormore constraints on repurposing assigned to the subset of information,the constraints defining one or more authorized uses for the subset ofinformation; and a signature assigned to the subset of information andthe one or more constraints, the signature authenticating the subset ofinformation and the one or more constraints, the digital signatureverifying that the repurposable information and the one or morerepurposing constraints have not been altered after being signed withthe digital signature.
 22. The data structure of claim 21, wherein therepurposing constraints include at least one identifier.
 23. The datastructure of claim 22, wherein the at least one identifier includes ahash of a destination assigned to at least one subset of data.
 24. Acomputer program product, tangibly stored on a computer-readable medium,the product comprising instructions operable to cause a computer systemto: identify repurposable information in an electronic document, therepurposable information being less than all of the content in theelectronic document; define one or more repurposing constraints for therepurposable information, the repurposing constraints identifying anauthorized destination for the repurposable information; and sign therepurposable information and the one or more repurposing constraintswith a digital signature, the digital signature authenticating therepurposable information, the digital signature verifying that therepurposable information has not been altered since it was signed, thedigital signature being maintained by the authorized destination whenthe repurposable information is repurposed.
 25. The computer programproduct of claim 24, wherein the instructions operable to cause acomputer system to identify repurposable information in an electronicdocument include instructions operable to cause a computer system to:designate a subset of information as being repurposable, the designatedsubset including less than all of the information in the electronicdocument.
 26. The computer program product of claim 24, furthercomprising instructions operable to cause a computer system to: receivethe repurposable information in a receiving destination; validate thatthe receiving destination corresponds to the authorized destination; anduse the repurposable information as signed information in the receivingdestination.
 27. The computer program product of claim 24, furthercomprising instructions operable to cause a computer system to: encryptthe digital signature; and provide the designated destination with adecryption key to decrypt the digital signature.
 28. The computerprogram product of claim 27, further comprising instructions operable tocause a computer system to: decrypt the digital signature with thedecryption key.
 29. The computer program product of claim 24, whereinthe destination represents one or more operations capable of beingperformed on the repurposable information or a document in which therepurposable information can be used.
 30. The computer program productof claim 29, wherein the one or more operations include displaying therepurposable information.
 31. The computer program product of claim 30,wherein displaying the repurposable information includes displaying therepurposable information in an arrangement different from an originalarrangement in which the repurposable information is displayed.
 32. Thecomputer program product of claim 24, wherein the destination representsa user authorized to repurpose the repurposable information.
 33. Thecomputer program product of claim 24, further comprising instructionsoperable to cause a computer system to create a template defining thedestination.
 34. The computer program product of claim 24, wherein theinstructions operable to cause a computer system to identifyrepurposable information include instructions operable to cause acomputer system to identify repurposable information in response to userinput.
 35. The computer program product of claim 24, further comprisinginstructions operable to cause a computer system to: create a templateincluding one or more subsets of information in the electronic document;wherein the instructions operable to cause a computer system to identifyrepurposable information include instructions operable to cause acomputer system to designate at least one of the one or more subsets ofinformation as repurposable.
 36. The computer program product of claim25, further comprising instructions operable to cause a computer systemto assign a signature to at least one of the one or more subsets ofinformation.
 37. The computer program product of claim 24, furthercomprising instructions operable to cause a computer system to: identifyin the electronic document a destination proxy as the authorizeddestination for the repurposable information, the destination proxydesignating a plurality of destinations, all of the destinations in theplurality of destinations being authorized to repurpose the repurposableinformation by virtue of being designated by the destination proxy. 38.The computer program product of claim 37, further comprisinginstructions operable to cause a computer system to: change theplurality of destinations authorized to repurpose the repurposableinformation by changing the plurality of destinations designated by thedesignation proxy.
 39. The computer program product of claim 24, farthercomprising instructions operable to cause a computer system to: identifya workflow as the authorized destination for the repurposableinformation, the repurposable information being used in one or moresubsequent electronic documents in the workflow.
 40. The computerprogram product of claim 39, further comprising instructions operable tocause a computer system to: use the digital signature of therepurposable information to verify the workflow.
 41. A computer programproduct, tangibly stored on a computer-readable medium, for repurposinga signed electronic document, the electronic document includingrepurposable information, the product comprising instructions operableto cause a computer system to: receive an electronic document includingrepurposable information, repurposing constraints, and a digitalsignature, the repurposing constraints defining one or more authorizeduses for the repurposable information, the repurposable informationbeing less than all of the information in the electronic document, thedigital signature authenticating the repurposable information, thedigital signature verifying that the repurposable information and therepurposing constraints have not been altered after being signed withthe digital signature, the digital signature being maintained by theauthorized destination when the repurposable information is repurposed;validate destination information in the repurposing constraints, thedestination information identifying an output destination as anauthorized destination; and use the repurposable information as signedinformation at the output destination.
 42. The computer program productof claim 36, wherein the digital signature is encrypted, the computerprogram product further comprising instructions operable to cause acomputer system to: receive a decryption key; and decrypt the digitalsignature using the decryption key.
 43. A computer program product,tangibly stored on a computer-readable medium, for assigning a signatureto an electronic document, the product comprising instructions operableto cause a computer system to: display a representation of informationin an electronic document; receive user input designating information inthe electronic document for repurposing, the designated informationbeing less than all of the information in the electronic document;associate one or more repurposing constraints with the designatedinformation, the repurposing constraints defining one or more authorizeddestinations for the designated information; and generate a digitalsignature for the designated information and the one or more repurposingconstraints, the digital signature authenticating the repurposableinformation and the one or more repurposing constraints, the digitalsignature verifying that the repurposable information and the one ormore repurposing constraints have not been altered after being signedwith the digital signature, the digital signature being maintained bythe authorized destination when the repurposable information isrepurposed.
 44. A system comprising: means for identifying repurposableinformation in an electronic document, the repurposable informationbeing less than all of the content in the electronic document; means fordefining one or more repurposing constraints for the repurposableinformation, the repurposing constraints identifying an authorizeddestination for the repurposable information; and means for signing therepurposable information and the one or more repurposing constraintswith a digital signature, the digital signature authenticating therepurposable information, the digital signature verifying that therepurposable information has not been altered since it was signed, thedigital signature being maintained by the authorized destination whenthe repurposable information is repurposed.
 45. The system of claim 44,wherein: identifying repurposable information in an electronic documentincludes designating a subset of information as being repurposable, thedesignated subset including less than all of the information in theelectronic document.
 46. The system of claim 44, further comprising:means for receiving the repurposable information in a receivingdestination; means for validating that the receiving destinationcorresponds to the authorized destination; and means for using therepurposable information as signed information in the receivingdestination.
 47. The system of claim 44, further comprising: means forencrypting the digital signature; and means for providing the designateddestination with a decryption key to decrypt the digital signature. 48.The system of claim 47, further comprising: means for decrypting thedigital signature with the decryption key.
 49. The system of claim 44,wherein the destination represents one or more operations capable ofbeing performed on the repurposable information or a document in whichthe repurposable information can be used.
 50. The system of claim 49,wherein the one or more operations include displaying the repurposableinformation.
 51. The system of claim 50, wherein displaying therepurposable information includes displaying the repurposableinformation in an arrangement different from an original arrangement inwhich the repurposable information is displayed.
 52. The system of claim44, wherein the destination represents a user authorized to repurposethe repurposable information.
 53. The system of claim 44, furthercomprising: means for creating a template defining the destination. 54.The system of claim 44, wherein identifying repurposable informationincludes identifying repurposable information in response to user input.55. The system of claim 44, further comprising: means for creating atemplate including one or more subsets of information in the electronicdocument; means for wherein identifying repurposable informationincludes designating at least one of the one or more subsets ofinformation as repurposable.
 56. The system of claim 55, furthercomprising: means for assigning a signature to at least one of the oneor more subsets of information.
 57. The system of claim 44, furthercomprising: means for identifying in the electronic document adestination proxy as the authorized destination for the repurposableinformation, the destination proxy designating a plurality ofdestinations, all of the destinations in the plurality of destinationsbeing authorized to repurpose the repurposable information by virtue ofbeing designated by the destination proxy.
 58. The system of claim 57,further comprising: means for changing the plurality of destinationsauthorized to repurpose the repurposable information by changing theplurality of destinations designated by the designation proxy.
 59. Thesystem of claim 44, further comprising: means for identifying a workflowas the authorized destination for the repurposable information, therepurposable information being used in one or more subsequent electronicdocuments in the workflow.
 60. The system of claim 59, furthercomprising: means for using the digital signature of the repurposableinformation to verify the workflow.
 61. A system comprising: means forreceiving an electronic document including repurposable information,repurposing constraints, and a digital signature, the repurposingconstraints defining one or more authorized uses for the repurposableinformation, the repurposable information being less than all of theinformation in the electronic document, the digital signatureauthenticating the repurposable information, the digital signatureverifying that the repurposable information and the repurposingconstraints have not been altered after being signed with the digitalsignature, the digital signature being maintained by the authorizeddestination when the repurposable information is repurposed; means forvalidating destination information in the repurposing constraints, thedestination information identifying an output destination as anauthorized destination; and means for using the repurposable informationas signed information at the output destination.
 62. The system of claim61, wherein the digital signature is encrypted, the system furthercomprising: means for receiving a decryption key; and means fordecrypting the digital signature using the decryption key.
 63. A systemcomprising: means for displaying a representation of information in anelectronic document; means for receiving user input designatinginformation in the electronic document for repurposing, the designatedinformation being less than all of the information in the electronicdocument; means for associating one or more repurposing constraints withthe designated information, the repurposing constraints defining one ormore authorized destinations for the designated information; and meansfor generating a digital signature for the designated information andthe one or more repurposing constraints, the digital signatureauthenticating the repurposable information and the one or morerepurposing constraints, the digital signature verifying that therepurposable information and the one or more repurposing constraintshave not been altered after being signed with the digital signature, thedigital signature being maintained by the authorized destination whenthe repurposable information is repurposed.